Case one: Yesterday while scanning my computer, spybot informed me of a win32.2urface.bho infection. I am normally very careful when browsing the internet, but I do know my younger brother and his friends used my computer recently....so I am assuming that is where this came from. I took screencaps of the problems I have had and will include them with this post. If anyone can offer any help I would be very grateful!
Case two: i am having issues with a lap top that was infected by
win32.2urface.bho and win32.downloader.gen. the laptop belongs a friend of mine and she was having issues connecting to the internet. i said i would help her out thinking it was going to be something simple but unfortunately it was not. i downloaded spybot and malware bytes and ran them both. But the virus Is still there. Any help will be appreciated.
Case three: I seem to be afflicted by a trojan/virus. It comes up in Spybot as win32.downloader.gen, and Spybot cannot remove. I am using Norton Internet Security 19.9.1.14 fully updated, and the quick scan shows nothing, I am still running a full scan. I was also recently afflicted by opt_content[1].js. These problems appear to stem from a download from CNET (who I usually trust) of Harry's Photo Filters, which also installed a bunch of crap into my browsers. So far there is no record of this threat on Norton. A search of the community doesn't come up with this, though it is recognized by Spybot.
How harmful win32.2urface.bho is ?
The same as win32.downloader.gen, win32.2urface.bho is also a malicious Trojan horse which will perform a lot of malicious tasks to destroy the operating system of the infected PC. From the cases above, you can notice that win32.2urface.bho Trojan horse will interrupt computer users to operate the infected computer normally.
At the same time, win32.2urface.bho uses a lot of tricky tactics to protect itself from being removing from automatic scans. To permanently get rid of win32.2urface.bho, you need to use manual removal method. Follow the guide as below to remove this nasty computer virus right now.
Manually remove win32.2urface.bho virus:
Step 1: Launch your PC into Safe Mode with Networking.
Restart your computer. As your computer restarts but before Windows launches, tap "F8" key constantly. Use the arrow keys to highlight the "Safe Mode with Networking" option, and then press ENTER.
Step 2: Stop all processes that related to this computer virus
Press Window+R keys together. In the dialogue box that pop-up, type into taskmgr and press OK.
Terminate all the malicious processes in the Window Task Manager.
Step3:Disable any suspicious startup items that are made by infections.
click start menu; type msconfig in the search bar; open System Configuration Utility; Disable all possible startup items generated.
Step4:Show all hidden files and clean all the malicious files about this virus
Click the Start button and choose Control Panel, clicking Appearance and Personalization, to find Folder Options then double-click on it.
In the pop-up dialog box, click the View tab and uncheck Hide protected operating system files (Recommended).
Clean all the malicious files about this computer virus as below.
%AppData%\<random>.exe
%CommonAppData%\<random>.exe
%temp%\<random>.exe
C:\Program Files\<random>
C:\Windows\Temp\<random>.exe
Step5:Remove all the vicious registry entries as follows:
Open Registry Editor by pressing Window+R keys together and typing into Regedit, then pressing Enter.
Find out all harmful registry entries of the virus and delete all of them.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "<random>" = "%AppData%\<random>.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "<random>" = "%AppData%\<random>.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes"=".zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation"=1
Video on how to remove Trojan horse:
Note: win32.2urface.bho is very tricky; it mutates frequently and changes its names usually. You must be very careful when you delete its malicious files, registries and folders. Should you have any difficulties in cleaning win32.2urface.bho manually, you could try the automatic removal with SpyHunter.
Step 1: click the icon below to download automatic removal tool SpyHunter
Step 2: follow the instructions to install SpyHunter
Step 3: run SpyHunter to automatically detect and uninstall Win32.2urface.bho
There may be some other issues such as windows registry errors in your system. To avoid potential risk and to ensure your computer security, you are suggested to use RegCure Pro to optimize your system after the Win32.2urface.bho removal.
Step 4: click the icon below to download RegCure Pro
Step 5: follow the instructions to install RegCure Pro
Step 6: run RegCure Pro to optimize your system
Note: Though Manual removal is the best way to get rid of Win32.2urface.bho, it is a huge process and a risky method which may cause irreversible man-made damage to your computer if some mistakes were made during the removing process. If you are not professional, you could download SpyHunter to exterminate Win32.2urface.bho automatically in a timely fashion.
No comments:
Post a Comment